| Revision Date: | 2015-02-23 | Version: | 3 |
| Title: | SUSE-SU-2014:1557-2 -- Security update for compat-openssl097g (moderate) |
| Description: | The SLES 9 compatibility package compat-openssl097g received a roll upupdate fixing various security issues: * Build option no-ssl3 is incomplete (CVE-2014-3568) * Add support for TLS_FALLBACK_SCSV (CVE-2014-3566) * Information leak in pretty printing functions (CVE-2014-3508) * OCSP bad key DoS attack (CVE-2013-0166) * SSL/TLS CBC plaintext recovery attack (CVE-2013-0169) * Anonymous ECDH denial of service (CVE-2014-3470) * SSL/TLS MITM vulnerability (CVE-2014-0224)Security Issues: * CVE-2013-0166 * CVE-2013-0169 * CVE-2014-0224 * CVE-2014-3470 * CVE-2014-3508 * CVE-2014-3566 * CVE-2014-3568 |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2013-0166
CVE-2013-0169
CVE-2014-0224
CVE-2014-3470
CVE-2014-3508
CVE-2014-3566
CVE-2014-3568
SUSE-SU-2014:1557-2
|
| Platform(s): | SUSE Linux Enterprise Desktop 11
| Product(s): | compat-openssl097g
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11.x is installed AND Packages match section
compat-openssl097g is earlier than 0:0.9.7g-146.22.25.1
OR compat-openssl097g-32bit is earlier than 0:0.9.7g-146.22.25.1
|